CVE-2022-2292
SourceCodester Hotel Management System Room Edit Page 1 cross site scripting
Vexday Risk Score
8Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 3.5EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
12 jul 2022Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A vulnerability classified as problematic has been found in SourceCodester Hotel Management System 2.0. Affected is an unknown function of the file /ci_hms/massage_room/edit/1 of the component Room Edit Page. The manipulation of the argument massageroomDetails with the input "><script>alert("XSS")</script> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Produtos afetados
SourceCodester · Hotel Management SystemQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →